externalauth

package

v2.10.2 Latest Latest Go to latest Published: Apr 22, 2024 License: AGPL-3.0 Imports: 23 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/coder/coder

Links

Open Source Insights

Documentation ¶

Index ¶

type AppInstallation
type Config
- func ConvertConfig(instrument *promoauth.Factory, entries []codersdk.ExternalAuthConfig, ...) ([]*Config, error)
type DeviceAuth
- func (c *DeviceAuth) AuthorizeDevice(ctx context.Context) (*codersdk.ExternalAuthDevice, error)
- func (c *DeviceAuth) ExchangeDeviceCode(ctx context.Context, deviceCode string) (*oauth2.Token, error)
type ExchangeDeviceCodeResponse

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AppInstallation ¶

type AppInstallation struct {
	ID int
	// Login is the username of the installation.
	Login string
	// URL is a link to configure the app install.
	URL string
}

type Config ¶

type Config struct {
	promoauth.InstrumentedOAuth2Config
	// ID is a unique identifier for the authenticator.
	ID string
	// Type is the type of provider.
	Type string
	// DeviceAuth is set if the provider uses the device flow.
	DeviceAuth *DeviceAuth
	// DisplayName is the name of the provider to display to the user.
	DisplayName string
	// DisplayIcon is the path to an image that will be displayed to the user.
	DisplayIcon string

	// ExtraTokenKeys is a list of extra properties to
	// store in the database returned from the token endpoint.
	//
	// e.g. Slack returns `authed_user` in the token which is
	// a payload that contains information about the authenticated
	// user.
	ExtraTokenKeys []string

	// NoRefresh stops Coder from using the refresh token
	// to renew the access token.
	//
	// Some organizations have security policies that require
	// re-authentication for every token.
	NoRefresh bool
	// ValidateURL ensures an access token is valid before
	// returning it to the user. If omitted, tokens will
	// not be validated before being returned.
	ValidateURL string

	// Regex is a Regexp matched against URLs for
	// a Git clone. e.g. "Username for 'https://github.com':"
	// The regex would be `github\.com`..
	Regex *regexp.Regexp
	// AppInstallURL is for GitHub App's (and hopefully others eventually)
	// to provide a link to install the app. There's installation
	// of the application, and user authentication. It's possible
	// for the user to authenticate but the application to not.
	AppInstallURL string
	// AppInstallationsURL is an API endpoint that returns a list of
	// installations for the user. This is used for GitHub Apps.
	AppInstallationsURL string
}

Config is used for authentication for Git operations.

func ConvertConfig ¶

func ConvertConfig(instrument *promoauth.Factory, entries []codersdk.ExternalAuthConfig, accessURL *url.URL) ([]*Config, error)

ConvertConfig converts the SDK configuration entry format to the parsed and ready-to-consume in coderd provider type.

func (*Config) AppInstallations ¶

func (c *Config) AppInstallations(ctx context.Context, token string) ([]codersdk.ExternalAuthAppInstallation, bool, error)

AppInstallations returns a list of app installations for the given token. If the provider does not support app installations, it returns nil.

func (*Config) GenerateTokenExtra ¶ added in v2.3.0

func (c *Config) GenerateTokenExtra(token *oauth2.Token) (pqtype.NullRawMessage, error)

GenerateTokenExtra generates the extra token data to store in the database.

func (*Config) RefreshToken ¶

func (c *Config) RefreshToken(ctx context.Context, db database.Store, externalAuthLink database.ExternalAuthLink) (database.ExternalAuthLink, bool, error)

RefreshToken automatically refreshes the token if expired and permitted. It returns the token and a bool indicating if the token is valid.

func (*Config) ValidateToken ¶

func (c *Config) ValidateToken(ctx context.Context, link *oauth2.Token) (bool, *codersdk.ExternalAuthUser, error)

ValidateToken ensures the Git token provided is valid! The user is optionally returned if the provider supports it.

type DeviceAuth ¶

type DeviceAuth struct {
	// Config is provided for the http client method.
	Config   promoauth.InstrumentedOAuth2Config
	ClientID string
	TokenURL string
	Scopes   []string
	CodeURL  string
}

func (*DeviceAuth) AuthorizeDevice ¶

func (c *DeviceAuth) AuthorizeDevice(ctx context.Context) (*codersdk.ExternalAuthDevice, error)

AuthorizeDevice begins the device authorization flow. See: https://tools.ietf.org/html/rfc8628#section-3.1

func (*DeviceAuth) ExchangeDeviceCode ¶

func (c *DeviceAuth) ExchangeDeviceCode(ctx context.Context, deviceCode string) (*oauth2.Token, error)

ExchangeDeviceCode exchanges a device code for an access token. The boolean returned indicates whether the device code is still pending and the caller should try again.

type ExchangeDeviceCodeResponse ¶

type ExchangeDeviceCodeResponse struct {
	AccessToken      string `json:"access_token"`
	RefreshToken     string `json:"refresh_token"`
	ExpiresIn        int    `json:"expires_in"`
	Error            string `json:"error"`
	ErrorDescription string `json:"error_description"`
}

Source Files ¶

View all Source files

externalauth.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL